ZA 2010 Fails Tojan Test

Recently I came upon the following trojan test. It came highly recommended, so I downloaded and ran it. Imagine my surprise when ZA 2010 completely failed to detect both the download and the installation. I know that it installed properly because Spybot S&D did detect it when run in "Paranoid" mode.

Re: ZA 2010 Fails Tojan Test

Originally Posted by wrhindy

Recently I came upon the following trojan test. It came highly recommended, so I downloaded and ran it. Imagine my surprise when ZA 2010 completely failed to detect both the download and the installation. I know that it installed properly because Spybot S&D did detect it when run in "Paranoid" mode.

Re: ZA 2010 Fails Tojan Test

...also simulation may be ingnored by purpose. Never trust tests. They are tests and most of the time developed by antimalware companies to show how good is their software as compared to others

The only real test is to use the tool in real environment, if you keep your ZA up to date and properly set up you are safe and protected.

Cheers,
Fax
EDIT: You should receive a pop-up from ZA informing you that "trojan simulator" want to set itself to start on your PC. You "deny" and "trojan simulator" will will fail to run. Note that your ZA program control should be set to MAX. Note that ZA free does not contain advanced control systems. Please also note that SpybotS&D can conflict with ZA apart from been weak in protection. There are better free antispyware if you really can't stay only with ZA (that, depending on the version, its perfectly enough)

Program Control was running in "Learn" mode for the 1st test, and "Maximum" for the second. In "Maximum" mode there was a pop-up window asking if I wanted to install the software, but there was nothing to identify it as potentially damaging.

The Internet Zone firewall was running in "High" mode, and the download was scanned but not identified as potentially damaging.

PS: My first computer was a TI-99 with a tape drive. My second was ran DOS 2.0. So I am not exactly a newbie. However my spouse occasionally is an accident waiting to happen, so I need the best possible protection for her laptop.

I agree that sometimes tests can be biased in favor of a particular vendor. However, several other security programs reportedly DID detect this test either during download or installation. If anyone has a different test to suggest (other than an actual trojan), I will be happy to try it.

Program Control was running in "Learn" mode for the 1st test, and "Maximum" for the second. In "Maximum" mode there was a pop-up window asking if I wanted to install the software, but there was nothing to identify it as potentially damaging.

The Internet Zone firewall was running in "High" mode, and the download was scanned but not identified as potentially damaging.

PS: My first computer was a TI-99 with a tape drive. My second was ran DOS 2.0. So I am not exactly a newbie. However my spouse occasionally is an accident waiting to happen, so I need the best possible protection for her laptop.

I agree that sometimes tests can be biased in favor of a particular vendor. However, several other security programs reportedly DID detect this test either during download or installation. If anyone has a different test to suggest (other than an actual trojan), I will be happy to try it.

I Agree with Guru fax, Most Quality Test available via the INTERNET, are usually Biased and many produce Fake Results to convince you to Buy their product, other Infect your Computer and Hold your Computer Hostage until
you Buy their Fix program to undo the damage they caused..

as for computer experience?

I have dealt with Computers for over 25 years, from Old Test Tube Main frames like a Sperry Univac with an 8 foot long keyboard with 100's of Lit Keys and 1000's of Blinking Light bulbs and Printed Results on half inch Ticker tape, a Control Data PDP-11, an IBM System 3, and a Massive CDC Torus 6400 computer that looked like the HAL 9000 in the movie 2001,

My first Personal computer was 16k Radio Shack Model I with a Cassette Tape drive that I invested $4,000.00 maxing out with a slow 1,200 Baud acustical Coupled Modem and 48K Ram and two single sided ($500.00 Each) 360K Floppy drives.., then bought the First Model II and Model IV with 5 MB HD.. then fist 10MHz IBM PC with 20MB HDD..

Re: ZA 2010 Fails Tojan Test

Originally Posted by wrhindy

PS: My first computer was a TI-99 with a tape drive. My second was ran DOS 2.0. So I am not exactly a newbie. However my spouse occasionally is an accident waiting to happen, so I need the best possible protection for her laptop.

Yes, indeed my first too TI-99 than Sinclair QL and DOS 2.0 or the reverse... can't remember LOL. Sorry, but that is a TEST, there is nothing malicious in the test. ZA can't warn you about something that is not malware.

When you will be faced by a real malware you will be faced by different warnings

And if you have to deal with someone with no knowldge of the system than you should have a separate limited account with a password protected ZA. This will limit the damage but not eliminating it. You can't avoid 100% of the malware if the user is not educated about the threads out there.

If the above is detected your ZA AV is working as it should and you are protected. Set your AV to update every 30 minutes, your program control to MAX and if you need more protection move up to ZA Extreme.

Re: ZA 2010 Fails Trojan Test

Problem solved.

As it turns out, installation of the updated version of ZA apparently shifted the program back into "Learn" mode. In addition, the ZA browser security toolbar was not active. No toolbar, no browser security apparently. I can't say that I like that arrangement. I think the browser security controls should be part of the main program windows and not dependent on a toolbar. A small rant: I think that browser toolbars are mostly useless space hogs and turn off / remove all but the most essential.

As it happens, there does not appear to be a way to create/launch a ZA browser security toolbar in the Google Chrome browser. Does that mean that ZA browser security is not compatible with Chrome?

Anyway, thanks for your responses. Properly configured, ZA does detect all of the EICAR test objects, even the double zipped one. Interestingly enough, so does Windows Defender...